package com.erp.erp_mask.config;

import lombok.SneakyThrows;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @BelongsProject: erp_mask
 * @BelongsPackage: com.erp.erp_mask.config
 * @Author: wang
 * @CreateTime: 2024-05-08  10:44
 * @Description: TODO
 * @Version: 1.0
 * @effect:
 */
@Configuration
public class SecurityConfig {
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
    @SneakyThrows
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http){
        //允许在页面使用iframe
        http.headers(conf->conf.frameOptions(auth->auth.sameOrigin()));
        //禁用csrf
        http.csrf(csrf->csrf.disable());
        //声明放行的资源及认证的资源
        http.authorizeHttpRequests(req->req.requestMatchers("/sys/to_login","/webjars/**","/imgs/**")
                .permitAll()
                .anyRequest()
                .authenticated());
        //声明表单认证的相关信息
        http.formLogin(form->form.loginPage("/sys/to_login")
                .defaultSuccessUrl("/")
                .usernameParameter("username")
                .passwordParameter("pwd")
                .loginProcessingUrl("/doLogin"));
        return http.build();
    }
}
